<?php
/**
 * Author Yulin
 * Email  dwzhanglong@126.com
 * Date   2016-6-21
 * Func   菜单管理
 */
// Refuse to run unless the IN_YuLin constant is defined (presumably set by the
// application's entry script), so this file cannot be executed by requesting
// its URL directly.
if (!defined('IN_YuLin')) {
    exit('NO PERMIT!');
}

// Table names used by every query below, resolved through the project's
// Table() helper.
$table = Table('article');
$catetable = Table('article_category');
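// Handles state-changing form submissions: create/update one article, or
// delete a batch of articles by id.
// NOTE(review): no anti-CSRF token check is visible in this file; confirm the
// framework bootstrap enforces one before these writes are reached.
if(IS_POST){
    if($a == 'add' || $a == 'edit' ){
        // 0 (or a missing id) means "create"; a positive id means "update".
        // intval() keeps the value safe to concatenate into the WHERE clause.
        $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
        // Submitted form data
        $post = $_POST;

        // NOTE(review): these values are concatenated into SQL by
        // CreateUpdateSql()/CreateInsertSql(). Whether title and cid are
        // escaped depends on what NoBadStr() and those helpers do, which is
        // not visible here; verify, or move to prepared statements.
        $ins = [];
        $ins['title']    =   NoBadStr($post['title']);
        // NOTE(review): content is entity-decoded before storage, so raw HTML
        // is persisted; anything that renders it must sanitize or encode it.
        $ins['content']  =   addslashes(htmlspecialchars_decode(NoBadStr($post['content'])));
        $ins['cid']      =   NoBadStr($post['category']);

        if($id){
            // Update the existing row
            $flag = $db->exec('UPDATE '.$table.' SET '.CreateUpdateSql($ins).' WHERE id = '.$id);
        }else{
            // New row: stamp the creation time
            $ins['dateline']    =   time();
            $flag = $db->exec('INSERT INTO '.$table.CreateInsertSql($ins));
        }
        if ($flag){
            ShowMsg('操作成功',U($m."/".$c));
        }else{
            // NOTE(review): the failure redirect is built from $a while the
            // success redirect uses $c; confirm this is the intended target.
            ShowMsg('操作失败',U($m."/".$a));
        }
    }else if($a == 'delete'){
        // The id list is attacker-controlled and ends up inside "IN (...)"
        // unquoted, so every element must be a plain non-negative integer.
        $ids = isset($_POST['ids']) ? $_POST['ids'] : null;
        if(!is_array($ids) || !$ids){
            // Missing, non-array or empty list: nothing valid to delete
            // (an empty list would also produce the invalid SQL "IN ()").
            AjaxReturn(['error'=>'1','msg'=>'操作失败']);
            exit();
        }
        foreach ($ids as $k => $v) {
            $v = is_scalar($v) ? trim((string) NoBadStr($v)) : '';
            if(preg_match('/\A[0-9]+\z/', $v) !== 1){
                // Reject the whole request rather than silently dropping the
                // bad element; the request is all-or-nothing (see count check).
                AjaxReturn(['error'=>'1','msg'=>'操作失败']);
                exit();
            }
            $ids[$k] = intval($v);
        }
        $idList = implode(',', $ids);

        // Only delete when every requested id exists.
        $sql = "select id from ".$table." where id in (".$idList.")";
        $rows = $db->affected_rows($sql);
        if($rows != count($ids)){
            AjaxReturn(['error'=>'1','msg'=>'操作失败']);
            // Backstop in case AjaxReturn() returns instead of terminating.
            exit();
        }
        $db->exec("delete from ".$table." WHERE id in (".$idList.")");
        AjaxReturn(['error'=>'0','msg'=>"操作".$rows."条数据成功"]);
    }else{
        // Unknown action on POST
        echo '非法操作';exit();
    }
}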

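// Page dispatch by action: add form, single delete, edit form, or the
// paginated list (default).
if($a == 'add'){
    // Load every category for the form's selector
    $categorySql = 'SELECT * FROM ' . $catetable;
    $cate        = $db->getall($categorySql);
    // Cast the id to an integer before it is placed in the query; the value
    // comes straight from the request.
    $id   = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    $data = $db->getrow("select * from ".$table." where id='{$id}'");
    $tpl->display($m.'/notice_add');
}elseif($a == 'del'){
    // NOTE(review): this delete reads $_REQUEST and sits outside the IS_POST
    // block, so a GET request appears able to trigger it; confirm a CSRF
    // token or a POST-only rule is enforced elsewhere.
    // The id is concatenated unquoted into the DELETE below, so it must be a
    // positive integer; a string filter alone is not sufficient there.
    $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    if($id <= 0){
        AjaxReturn(['error'=>'1','msg'=>'参数丢失']);
        // Backstop in case AjaxReturn() returns instead of terminating.
        exit();
    }
    $db->exec('DELETE FROM '.$table.' WHERE id = '.$id);
    AjaxReturn(['error'=>'0','msg'=>'删除成功']);
}elseif($a == 'edit'){
    $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    // Load every category for the form's selector
    $categorySql = 'SELECT * FROM ' . $catetable;
    $cate        = $db->getall($categorySql);
    $data        = $db->getrow("select * from ".$table." where id='{$id}'");
    // NOTE(review): the stored content is entity-decoded before it is handed
    // to the template; if the template prints it outside an editor field,
    // stored markup will execute in the admin's browser. Verify the template
    // encodes it for its output context.
    $data['content'] = htmlspecialchars_decode($data['content']);
    $tpl->display($m.'/notice_edit');
}else{
    // Default action: paginated list of rows with cid = 1
    $data  = array();
    $where = ' FROM '.$table.' t WHERE cid = 1';

    $tmp = $db->getrow('SELECT COUNT(1) AS p '.$where);
    if($tmp['p']){
        // Page number is forced to an integer >= 1, so the LIMIT offset is
        // always a non-negative integer.
        $page  = max(1, isset($_GET['page']) ? intval($_GET['page']) : 1);
        $size  = 20;
        $limit = ' LIMIT '.(($page - 1) * $size).','.$size;

        $orderby = ' ORDER BY t.id ASC ';
        $url = '?m='.$m.'&c='.$c.'&a='.$a;
        $data = $db->getall('SELECT t.* '.$where.$orderby.$limit);
        $multi = Multi($url,$page,$tmp['p'],$size);
    }
    $tpl->display($m.'/notice');
}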
?>